===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/auth2.c,v
retrieving revision 1.123
retrieving revision 1.124
diff -u -r1.123 -r1.124
--- src/usr.bin/ssh/auth2.c	2011/03/10 02:52:57	1.123
+++ src/usr.bin/ssh/auth2.c	2011/12/07 05:44:38	1.124
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.123 2011/03/10 02:52:57 djm Exp $ */
+/* $OpenBSD: auth2.c,v 1.124 2011/12/07 05:44:38 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -109,7 +109,7 @@
 		close(fd);
 		return (NULL);
 	}
-	if (st.st_size > 1*1024*1024) {
+	if (st.st_size <= 0 || st.st_size > 1*1024*1024) {
 		close(fd);
 		return (NULL);
 	}